Solved: Re: AnyConnect - No policy server detected

dgaikwad · ‎12-05-2019

Hi Experts,
Going through migration from Cisco NAC Agent to AnyConnect.
Since, we are going location wise, I have called the switch IP address in Client Provisioning policy to do posture check via AnyConnect.
But, the posture check is still happening via NAC Agent and no via AnyConnect, while AnyConnect shows no policy server detected?

hslai · ‎12-08-2019

When switching from NAC agent to AnyConnect ISE posture, we have to ensure the ISE client provisioning is configured to use AnyConnect.

Please also take a look at ISE Posture Prescriptive Deployment Guide

View solution in original post

Mike.Cifelli · ‎12-06-2019

How did you configure your AC profile posture agent settings in ISE? In there you need to specify the ip address of your ISE psn/s under the posture protocol section.

hslai · ‎12-08-2019

When switching from NAC agent to AnyConnect ISE posture, we have to ensure the ISE client provisioning is configured to use AnyConnect.

Please also take a look at ISE Posture Prescriptive Deployment Guide

dgaikwad · ‎12-16-2019

The issue has been resolved.
We were using 9200 series switch with Denali OS 16.x, this new OS requires the device-tracking policy IPDT_Policy, command applied.
Applying this command resolved the issue.